Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.mft
File: 1K5pV43Ol3ozqindV8oZD6aHd_o.mft (raw, json)
Hash identifier: 6EiuZK4nh1N6GRVSHKb4GGPIj7pKLy5CGNlo0VoPBvU=
Subject key identifier: 49:45:DA:6F:C8:A0:15:2A:5F:CD:4E:A8:08:4A:80:29:36:98:E7:70
Authority key identifier: D4:AE:69:57:8D:CE:97:7A:33:AA:29:DD:57:CA:19:0F:A6:87:77:FA
Certificate issuer: /CN=d4ae69578dce977a33aa29dd57ca190fa68777fa
Certificate serial: 0199FBEBB8FFA232925734B32198EAF95CC5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1K5pV43Ol3ozqindV8oZD6aHd_o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.mft
Manifest number: 0D58
Signing time: Sun 19 Oct 2025 10:02:33 +0000
Manifest this update: Sun 19 Oct 2025 10:02:33 +0000
Manifest next update: Mon 20 Oct 2025 10:02:33 +0000
Files and hashes: 1: 1K5pV43Ol3ozqindV8oZD6aHd_o.crl (hash: AKHaQSuDhXKCLYDKHf3R5k4gCI0vklX0fDm+8SP6Xd0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.mft
rsync://rpki.ripe.net/repository/DEFAULT/1K5pV43Ol3ozqindV8oZD6aHd_o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 10:02:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:eb:b8:ff:a2:32:92:57:34:b3:21:98:ea:f9:5c:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4ae69578dce977a33aa29dd57ca190fa68777fa
Validity
Not Before: Oct 19 10:02:33 2025 GMT
Not After : Oct 20 10:02:33 2025 GMT
Subject: CN=4945da6fc8a0152a5fcd4ea8084a80293698e770
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:27:17:56:9f:08:0f:91:68:48:e4:85:5a:3c:
eb:56:42:0d:35:0b:79:12:7c:b3:30:04:78:97:5a:
46:f7:e5:ea:74:b9:04:26:0d:1c:41:ec:9e:78:d6:
eb:40:99:4f:3e:f0:19:d4:8d:96:07:95:4b:c5:7c:
ad:26:9e:be:b4:31:59:07:85:d0:c1:c9:bf:11:7f:
be:31:0c:a4:59:c2:fc:10:b8:26:98:b4:cb:6d:7a:
3f:62:40:6e:27:b0:7f:9b:15:73:19:f4:b0:93:76:
6c:e8:8f:f3:f9:72:23:24:af:8f:11:cc:9e:46:33:
1d:4a:b2:7c:f2:42:ce:e6:9f:06:04:e8:bf:09:27:
07:30:af:02:25:72:80:ca:41:bf:5b:76:d7:0a:3c:
ef:30:8e:63:26:6c:66:a5:20:45:1b:fc:05:ed:b8:
f5:88:b0:84:fe:d6:53:0d:c2:31:ad:d3:b6:f6:b5:
a2:a5:5d:5a:96:da:ad:2b:43:c8:56:97:66:0a:be:
7f:9c:fb:52:36:4e:dc:9d:a1:cf:d2:0a:f5:6d:cc:
0c:5f:15:f3:81:27:b5:95:ba:a4:b1:39:e0:d4:b1:
b9:84:a8:75:ea:a2:af:c6:9c:ac:cc:aa:fb:f0:e4:
a4:ad:1e:da:4b:d4:f9:37:be:a0:69:f8:b3:99:2e:
41:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:45:DA:6F:C8:A0:15:2A:5F:CD:4E:A8:08:4A:80:29:36:98:E7:70
X509v3 Authority Key Identifier:
keyid:D4:AE:69:57:8D:CE:97:7A:33:AA:29:DD:57:CA:19:0F:A6:87:77:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1K5pV43Ol3ozqindV8oZD6aHd_o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
87:70:04:8f:ff:61:25:cc:f4:2c:75:d4:ab:96:a8:fd:8a:4e:
01:6b:b4:f6:c5:f7:4c:83:0e:f3:68:b7:aa:34:6a:f0:bd:02:
90:33:bc:93:38:44:78:28:ad:78:82:f1:87:95:71:f5:0e:64:
7b:f7:fd:43:72:8d:cc:b0:5c:cb:99:06:50:f4:e4:0f:5c:dd:
7b:50:db:a9:ef:37:1b:b9:bd:a6:61:6f:4c:94:81:46:38:82:
7c:5a:df:39:ef:bf:b6:3b:af:68:fe:41:0a:a4:bc:0f:f7:ec:
04:16:c6:3c:ff:e9:7c:ee:10:7a:be:e7:68:3c:7e:25:f4:d0:
03:a2:c5:d0:47:fa:01:19:0a:ce:c7:51:d7:35:44:b9:4c:ac:
c6:b9:94:48:89:50:2a:2c:e2:10:4c:ba:40:65:42:4b:56:76:
7e:6b:d9:ff:eb:c9:3b:a4:c0:7e:44:31:ea:1d:9b:7e:39:89:
dd:50:7d:7e:02:98:16:28:cf:92:c8:0a:db:5c:94:f6:ba:4c:
f8:9e:0a:8e:cf:f9:9f:82:e7:8d:c0:00:03:12:02:fd:a2:fa:
71:ea:33:f2:09:33:f8:9b:6d:13:da:ec:bf:dd:e4:25:92:b1:
f0:ee:e6:d9:cb:10:a2:fb:5c:47:15:ca:24:0d:a7:37:bd:4d:
f7:4d:67:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn767j/ojKSVzSzIZjq+VzFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0YWU2OTU3OGRjZTk3N2EzM2FhMjlkZDU3Y2ExOTBmYTY4
Nzc3ZmEwHhcNMjUxMDE5MTAwMjMzWhcNMjUxMDIwMTAwMjMzWjAzMTEwLwYDVQQD
Eyg0OTQ1ZGE2ZmM4YTAxNTJhNWZjZDRlYTgwODRhODAyOTM2OThlNzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyycXVp8ID5FoSOSFWjzrVkINNQt5
EnyzMAR4l1pG9+XqdLkEJg0cQeyeeNbrQJlPPvAZ1I2WB5VLxXytJp6+tDFZB4XQ
wcm/EX++MQykWcL8ELgmmLTLbXo/YkBuJ7B/mxVzGfSwk3Zs6I/z+XIjJK+PEcye
RjMdSrJ88kLO5p8GBOi/CScHMK8CJXKAykG/W3bXCjzvMI5jJmxmpSBFG/wF7bj1
iLCE/tZTDcIxrdO29rWipV1altqtK0PIVpdmCr5/nPtSNk7cnaHP0gr1bcwMXxXz
gSe1lbqksTng1LG5hKh16qKvxpyszKr78OSkrR7aS9T5N76gafizmS5BSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFElF2m/IoBUqX81OqAhKgCk2mOdwMB8GA1UdIwQY
MBaAFNSuaVeNzpd6M6op3VfKGQ+mh3f6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUs1cFY0M09sM296cWluZFY4b1pENmFIZF9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9iZDg5MDAtZWM5NS00NzViLTg5Yjct
YjRmMjk3N2QxOTZiLzEvMUs1cFY0M09sM296cWluZFY4b1pENmFIZF9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9iZDg5MDAtZWM5NS00NzViLTg5YjctYjRmMjk3N2QxOTZi
LzEvMUs1cFY0M09sM296cWluZFY4b1pENmFIZF9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh3AEj/9h
Jcz0LHXUq5ao/YpOAWu09sX3TIMO82i3qjRq8L0CkDO8kzhEeCiteILxh5Vx9Q5k
e/f9Q3KNzLBcy5kGUPTkD1zde1Dbqe83G7m9pmFvTJSBRjiCfFrfOe+/tjuvaP5B
CqS8D/fsBBbGPP/pfO4Qer7naDx+JfTQA6LF0Ef6ARkKzsdR1zVEuUysxrmUSIlQ
KiziEEy6QGVCS1Z2fmvZ/+vJO6TAfkQx6h2bfjmJ3VB9fgKYFijPksgK21yU9rpM
+J4Kjs/5n4LnjcAAAxIC/aL6ceoz8gkz+JttE9rsv93kJZKx8O7m2csQovtcRxXK
JA2nN71N901nYA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:32:07 2025 by rpki-client